Last week, the South Texas Area Maritime Security Committee, along with 20 public and private sector sponsors, held the first Maritime Awareness Security Terrorism Training Seminar focusing on Cybersecurity.

Subject matter experts spoke on a variety of cyber-focused topics including: Executive Overview for CEOs; Texas State Cybersecurity Resources; InfraGard Public-Private Cybersecurity Partnership; Network Defense best practices; Industrial Control System Cyber Emergency Response Team (ICS-CERT); and Forensics in computer crimes prosecutions.

Sector Corpus Christi’s Commander and Chair of the Area Maritime Security Committee, Capt. Tony Hahn, was a keynote speaker and touched on the Coast Guard’s Cyber Strategy and its effect on the marine transportation system. Maritime Commons is providing a condensed version of Hahn’s remarks. These remarks are not ‘as delivered’ but provide a condensed version of the highlights from his commentary.

Delivered by Capt. Tony Hahn

We are all stakeholders in the safety and security of our maritime commons and the most effective way prevent and combat threats is to work together, especially with cyber.

We have made huge progress increasing the safety and security of the maritime environment from a physical security and operational execution perspective. We have also collectively leveraged incredible technologies that have created huge efficiencies, cost savings, planning capabilities and improved security and situational awareness. That said, these large gains from cyber-based systems have also created potential vulnerabilities in our security posture that if exploited by the wrong employee, criminal organization, terrorist group or hostile nation, could cause huge impacts to our maritime security.

We have approximately 360 sea and river ports in the nation that are critically dependent on a safe, secure and efficient maritime transportation system to move over 1.3 trillion in annual cargo –all with a strong reliance on cyber technologies. We must learn and implement effective cyber security strategies and work collectively to discreetly share this critical information so that the threats can be neutralized by everyone.

While we look at this from an Area Maritime Security lens, I think there is some very useful information in the Coast Guard Cyber Strategy in how we can attack this threat.

The Coast Guard defined three strategic priorities in the Coast Guard Cyber Strategy – published in summer of 2015.

If you look at these three strategic priorities, they can be applied to any maritime organization. I recommend reading the Coast Guard Cyber Strategy; it could a very good template for your organization to start building your priorities, goals and objectives.

As you can see and many of you know, this is a something we must rely on unity of effort and attack from both a prevention and response strategy – we must all embrace cyber security and infuse it into our culture of work and it can only happen through significant buy in from all stakeholders.

I’d like to thank our Area Maritime Security Committee, and all AMSCs, as they directly enhance the security and safety of our ports and waterways and I am personally grateful, as a Captain of the Port, for their commitment to engaging on issues such as cybersecurity.

Hahn concluded by encouraging attendees to do the following:

• Incorporate cybersecurity into Area Maritime Security Committee risk assessments;
• Leverage grant funding to evaluate cyber risks;
• Create discreet venues to share cybersecurity information with maritime industry;
• Develop guidance for commercial vessels and facilities on how to identify and evaluate cyber-related vulnerabilities;
• Work with the International Maritime Organization to develop global maritime cyber prevention and response protocols;
• Incorporate cybersecurity into required training for vessel and security officers;
• Incorporate cybersecurity into requirements for Coast Guard issued mariner credentials.

Other speakers from the training seminar included the U.S. Attorney for the Southern District of Texas; FBI Houston Division; Nueces County Commissioner; Del Mar College; Chief Information Officer for the State of Texas; Computer Scientist from the FBI Houston Division; ICS-CERT; and Director of the Cyber Crimes Lab at the U.S. Department of Justice Computer Crime and Intellectual Property Section.

This blog is not a replacement or substitute for the formal posting of regulations and updates or existing processes for receiving formal feedback of the same. Links provided on this blog will direct the reader to official source documents, such as the Federal Register, Homeport and the Code of Federal Regulations. These documents remain the official source for regulatory information published by the Coast Guard.